Return-Path: Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 3E9A2C0032; Fri, 27 Oct 2023 00:43:39 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id E55746FC58; Fri, 27 Oct 2023 00:43:38 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org E55746FC58 Authentication-Results: smtp3.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.a=rsa-sha256 header.s=fm3 header.b=ayLOjxc2 X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.602 X-Spam-Level: X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZWbRdb8nZRRC; Fri, 27 Oct 2023 00:43:37 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by smtp3.osuosl.org (Postfix) with ESMTPS id 8A70161360; Fri, 27 Oct 2023 00:43:37 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 8A70161360 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id 196863201100; Thu, 26 Oct 2023 20:43:34 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Thu, 26 Oct 2023 20:43:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; t=1698367413; x=1698453813; bh=fAVjzREsiuYFV JIKqS78rQuX07prBXh7PyOwVIGRvQQ=; b=ayLOjxc2AYiSBvJ8CbjQl5Rjn4JxK MVaPnzvTtarlZ+ladhwjcbma7CVFkV7RdnlyFVR3/KHuN+X0a7q5CDbWk7MErFcB KPFCXcXjl6P50cpzRf158OooHGJniFbi/mCPClo9XE3eMoCK/pzKScv7JFuzffct 5MyaDyum4deE5jWw4Y7B09o8ATUMexqr/t0URe93arAE9z5wwQPl/HNF9xfvpmnj 40pG1Y+OZEJZ2PgvcKjH37RqjSYpxbDcQ0A18xegGdAGNw8SUxeYX7Mbb/gfNxhQ KOMqpE5YZ52e5fOcW5/AxjYX//iE4whYOwOyUcgONSh/pX3BeZHdh9ugA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrleefgdeflecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvghtvghr ucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrthhtvg hrnhepledvleelffdtudekudffjefgfeejueehieelfedtgfetudetgeegveeutefhjedt necuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuihiivg eptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthhouggurdho rhhg X-ME-Proxy: Feedback-ID: i525146e8:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 26 Oct 2023 20:43:32 -0400 (EDT) Received: by localhost (Postfix, from userid 1000) id 946705F828; Fri, 27 Oct 2023 00:43:30 +0000 (UTC) Date: Fri, 27 Oct 2023 00:43:30 +0000 From: Peter Todd To: Antoine Riard , Bitcoin Protocol Discussion Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="JKgD872yQExnQkWu" Content-Disposition: inline In-Reply-To: Cc: security@ariard.me, "lightning-dev\\\\@lists.linuxfoundation.org" Subject: Re: [bitcoin-dev] Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us" X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Oct 2023 00:43:39 -0000 --JKgD872yQExnQkWu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Oct 21, 2023 at 09:05:35PM +0100, Antoine Riard via bitcoin-dev wro= te: > In the meanwhile, lightning experts have already deployed mitigations whi= ch > are hardening the lightning ecosystem significantly in face of simple or > medium attacks. More advanced attacks can only be mounted if you have > sufficient p2p and mempool knowledge as was pointed out by other bitcoin > experts like Matt or Peter (which take years to acquire for average bitco= in > developers) and the months of preparation to attempt them. To be clear, I am not making any claims about how easy this attack is to pu= ll off. Indeed, there are probably even cases where it happens by accident. Eg imagine a node with a HTLC-preimage that happens to be offline and then onl= ine at the right time to broadcast a HTLC-preimage redemption transaction with a higher fee than the timeout transaction. If the other node happens to go offline at the right time, after broadcasting the timeout transaction, it m= ay not notice the HTLC-preimage in the mempool, and thus fail to redeem it. OP_Expire would help avoid this situation, by making it impossible to redeem the HTLC-preimage after the timeout. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --JKgD872yQExnQkWu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmU7B7AACgkQLly11TVR Lzfn8Q//c3syejae7aoVt0l66Vkrz402ZjvJ1GBWOhVgc4cBmTSbGzgZeUT5P5wG yVTr95c7amdeXt7CFWH3ClnKH66ZSVmXz6cu5vXLwURczaZQd1vgYnkzEhl4BTp5 VI6Lfjg4372vIopvfeAdLPuQ3iVqu7Iz4sQvI30+FMCudHkWKcDgujT6Z43h2jLd rQXrpUbpDU3czcdpg/XT+yv/5dL+UeGL/tHvvRQqNexS9EXZwMBWEF3QdyDu9PTI Y/oJyi8XzCBVWrxFPttuWaEvVIETS977F+76KvqfbqWSTAvfan52Q+ib+kYqY0Hq 7IDJo89oa+Wm0hM8rWXX74vxmoEbR0KFNyKYvFS+2hB/6ibS4FkW0BwLzoCQhVEf JIb4/pNHnw5BvPLfKI/nTMc82VcvpZGXHfkDeERciLwmoh+8cBhAvujyXPDTCo3w vRQcOmhYIVQEgdQdsK0nQ78kp82J/AbCiWkaiDwDfCSMbO5iL3RbbB7VIV9PLCqF zHvqRZUS60oqbChqOcWIN3wYn+i1fOhuM9o3L47y9TCtkamkYsWk0pKaztHCP6gB nfu3LksOneYYi3RANAy8YKbmlDw7L5/9nKjFV3H0QN9t+cNzOUIxLMMJRfqfsUWK WkoeXD/fkU5KgpFw5gaeHgR6WeZ8bMb4zKaCICYca1HXtpSeJnA= =j9JO -----END PGP SIGNATURE----- --JKgD872yQExnQkWu--